{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T15:05:27Z","timestamp":1767971127238,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":25,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,7,24]],"date-time":"2021-07-24T00:00:00Z","timestamp":1627084800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Hessen State Ministry for Higher Education, Research and Arts","award":["ATHENE"],"award-info":[{"award-number":["ATHENE"]}]},{"name":"German Federal Ministry of Education and Research","award":["ATHENE"],"award-info":[{"award-number":["ATHENE"]}]},{"DOI":"10.13039\/501100001659","name":"Deutsche Forschungsgemeinschaft","doi-asserted-by":"publisher","award":["SFB1119"],"award-info":[{"award-number":["SFB1119"]}],"id":[{"id":"10.13039\/501100001659","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,7,24]]},"DOI":"10.1145\/3472305.3472884","type":"proceedings-article","created":{"date-parts":[[2021,7,20]],"date-time":"2021-07-20T17:21:49Z","timestamp":1626801709000},"page":"76-81","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["DNS-over-TCP considered vulnerable"],"prefix":"10.1145","author":[{"given":"Tianxiang","family":"Dai","sequence":"first","affiliation":[{"name":"Fraunhofer SIT, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haya","family":"Shulman","sequence":"additional","affiliation":[{"name":"Fraunhofer SIT, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michael","family":"Waidner","sequence":"additional","affiliation":[{"name":"TU Darmstadt, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2021,7,24]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"DNS Flag Day","year":"2020","unstructured":"2020. DNS Flag Day 2020 . https:\/\/dnsflagday.net\/2020\/ 2020. DNS Flag Day 2020. https:\/\/dnsflagday.net\/2020\/"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243790"},{"key":"e_1_3_2_1_4_1","volume-title":"26th {USENIX} Security Symposium ({USENIX} Security 17). 1307--1322.","author":"Chung Taejoong","unstructured":"Taejoong Chung , Roland van Rijswijk-Deij , Balakrishnan Chandrasekaran , David Choffnes , Dave Levin , Bruce M Maggs , Alan Mislove , and Christo Wilson . 2017. A longitudinal, end-to-end view of the {DNSSEC} ecosystem . In 26th {USENIX} Security Symposium ({USENIX} Security 17). 1307--1322. Taejoong Chung, Roland van Rijswijk-Deij, Balakrishnan Chandrasekaran, David Choffnes, Dave Levin, Bruce M Maggs, Alan Mislove, and Christo Wilson. 2017. A longitudinal, end-to-end view of the {DNSSEC} ecosystem. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 1307--1322."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"crossref","unstructured":"J Dickinson S Dickinson R Bellis A Mankin and D Wessels. 2016. RFC7766: DNS transport over TCP-implementation requirements.  J Dickinson S Dickinson R Bellis A Mankin and D Wessels. 2016. RFC7766: DNS transport over TCP-implementation requirements.","DOI":"10.17487\/RFC7766"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417884"},{"key":"e_1_3_2_1_8_1","volume-title":"Proceedings of the 5th USENIX conference on Offensive technologies. 2--2.","author":"Gilad Yossi","year":"2011","unstructured":"Yossi Gilad and Amir Herzberg . 2011 . Fragmentation considered vulnerable: blindly intercepting and discarding fragments . In Proceedings of the 5th USENIX conference on Offensive technologies. 2--2. Yossi Gilad and Amir Herzberg. 2011. Fragmentation considered vulnerable: blindly intercepting and discarding fragments. In Proceedings of the 5th USENIX conference on Offensive technologies. 2--2."},{"key":"e_1_3_2_1_9_1","volume-title":"Path MTU Discovery Considered Harmful. In 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS). IEEE, 866--874","author":"G\u00f6hring Matthias","year":"2018","unstructured":"Matthias G\u00f6hring , Haya Shulman , and Michael Waidner . 2018 . Path MTU Discovery Considered Harmful. In 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS). IEEE, 866--874 . Matthias G\u00f6hring, Haya Shulman, and Michael Waidner. 2018. Path MTU Discovery Considered Harmful. In 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS). IEEE, 866--874."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2013.6682711"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40203-6_13"},{"key":"e_1_3_2_1_12_1","volume-title":"30th {USENIX} Security Symposium ({USENIX} Security 21).","author":"Jeitner Philipp","unstructured":"Philipp Jeitner and Haya Shulman . 2021. Injection Attacks Reloaded: Tunnelling Malicious Payloads over {DNS} . In 30th {USENIX} Security Symposium ({USENIX} Security 21). Philipp Jeitner and Haya Shulman. 2021. Injection Attacks Reloaded: Tunnelling Malicious Payloads over {DNS}. In 30th {USENIX} Security Symposium ({USENIX} Security 21)."},{"key":"e_1_3_2_1_13_1","volume-title":"The Impact of DNS Insecurity on Time. In 2020 50th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 266--277","author":"Jeitner Philipp","year":"2020","unstructured":"Philipp Jeitner , Haya Shulman , and Michael Waidner . 2020 . The Impact of DNS Insecurity on Time. In 2020 50th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 266--277 . Philipp Jeitner, Haya Shulman, and Michael Waidner. 2020. The Impact of DNS Insecurity on Time. In 2020 50th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 266--277."},{"key":"e_1_3_2_1_14_1","volume-title":"Pitfalls of Provably Secure Systems in Internet The Case of Chronos-NTP. In 2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental","volume":"50","author":"Jeitner Philipp","year":"2020","unstructured":"Philipp Jeitner , Haya Shulman , and Michael Waidner . 2020 . Pitfalls of Provably Secure Systems in Internet The Case of Chronos-NTP. In 2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S). IEEE, 49-- 50 . Philipp Jeitner, Haya Shulman, and Michael Waidner. 2020. Pitfalls of Provably Secure Systems in Internet The Case of Chronos-NTP. In 2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S). IEEE, 49--50."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948113"},{"key":"e_1_3_2_1_16_1","volume-title":"Fragmentation considered harmful","author":"Kent Christopher A","unstructured":"Christopher A Kent and Jeffrey C Mogul . 1987. Fragmentation considered harmful . Vol. 17 . Christopher A Kent and Jeffrey C Mogul. 1987. Fragmentation considered harmful. Vol. 17."},{"key":"e_1_3_2_1_17_1","volume-title":"28th {USENIX} Security Symposium ({USENIX} Security 19). 1063--1080.","author":"Klein Amit","unstructured":"Amit Klein and Benny Pinkas . 2019. From IP ID to Device ID and KASLR Bypass . In 28th {USENIX} Security Symposium ({USENIX} Security 19). 1063--1080. Amit Klein and Benny Pinkas. 2019. From IP ID to Device ID and KASLR Bypass. In 28th {USENIX} Security Symposium ({USENIX} Security 19). 1063--1080."},{"key":"e_1_3_2_1_18_1","unstructured":"LetsEncrypt. 2018. Mitigating DNS Fragmentation Attack. https:\/\/community.letsencrypt.org\/t\/mitigating-dns-fragmentation-attack\/74838.  LetsEncrypt. 2018. Mitigating DNS Fragmentation Attack. https:\/\/community.letsencrypt.org\/t\/mitigating-dns-fragmentation-attack\/74838."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"crossref","unstructured":"Aanchal Malhotra Isaac E Cohen Erik Brakke and Sharon Goldberg. 2016. Attacking the Network Time Protocol.. In NDSS.  Aanchal Malhotra Isaac E Cohen Erik Brakke and Sharon Goldberg. 2016. Attacking the Network Time Protocol.. In NDSS.","DOI":"10.14722\/ndss.2016.23090"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2012.6364596"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00434-7_4"},{"key":"e_1_3_2_1_22_1","volume-title":"Internet Control Message Protocol darpa internet program protocol specification. RFC 792","author":"Postel Jon","year":"1981","unstructured":"Jon Postel . 1981. Internet Control Message Protocol darpa internet program protocol specification. RFC 792 ( 1981 ). Jon Postel. 1981. Internet Control Message Protocol darpa internet program protocol specification. RFC 792 (1981)."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"crossref","unstructured":"Jon Postel. 1981. Internet protocol---DARPA internet program protocol specification rfc 791. (1981).  Jon Postel. 1981. Internet protocol---DARPA internet program protocol specification rfc 791. (1981).","DOI":"10.17487\/rfc0791"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-07536-5_31"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-24174-6_1"},{"key":"e_1_3_2_1_26_1","volume-title":"14th {USENIX} Symposium on Networked Systems Design and Implementation ({NSDI} 17). 131--144.","author":"Shulman Haya","unstructured":"Haya Shulman and Michael Waidner . 2017. One key to sign them all considered vulnerable: Evaluation of {DNSSEC} in the internet . In 14th {USENIX} Symposium on Networked Systems Design and Implementation ({NSDI} 17). 131--144. Haya Shulman and Michael Waidner. 2017. One key to sign them all considered vulnerable: Evaluation of {DNSSEC} in the internet. In 14th {USENIX} Symposium on Networked Systems Design and Implementation ({NSDI} 17). 131--144."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.18"}],"event":{"name":"ANRW '21: Applied Networking Research Workshop","location":"Virtual Event USA","acronym":"ANRW '21","sponsor":["SIGCOMM ACM Special Interest Group on Data Communication","IRTF Internet Research Task Force","Internet Society Internet Society"]},"container-title":["Proceedings of the Applied Networking Research Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3472305.3472884","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3472305.3472884","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:17:36Z","timestamp":1750191456000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3472305.3472884"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,7,24]]},"references-count":25,"alternative-id":["10.1145\/3472305.3472884","10.1145\/3472305"],"URL":"https:\/\/doi.org\/10.1145\/3472305.3472884","relation":{},"subject":[],"published":{"date-parts":[[2021,7,24]]},"assertion":[{"value":"2021-07-24","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}